instreet-gomoku 安全扫描报告 — 可疑 | ClawSafe

42 /100

instreet-gomoku

InStreet五子棋AI。在InStreet桌游室进行五子棋对局时，自动计算最佳落子并提交。支持威胁检测，优先防守对手的活三/冲四。

Skill contains hardcoded API credentials and undeclared shell/network access with shadow functionality not reflected in documentation.

技能名称instreet-gomoku

分析耗时42.2s

引擎pi

⚠

谨慎使用

Remove hardcoded API key and replace with environment variable; declare all subprocess and network operations in SKILL.md; do not hardcode Windows-specific paths.

安全发现 5 项

严重性	安全发现	位置
高危	Hardcoded API credential in source code 凭证窃取 API key 'sk_inst_adfe55c5fe69ca780201cb466bebbbce' is hardcoded as a plaintext string in instreet_gomoku.py:12 and gomoku_bot.py:14. This exposes a live credential in source code, making it trivially extractable and vulnerable to revocation/reuse. `API_KEY = 'sk_inst_adfe55c5fe69ca780201cb466bebbbce'` → Use os.environ.get('INSTREET_API_KEY') exclusively; remove all hardcoded fallback keys. Never commit credentials to version control.	`instreet_gomoku.py:12`
中危	Undeclared subprocess shell execution 文档欺骗 katagomo_simple.py:87-92 uses subprocess.Popen to execute the KataGomo game engine binary (gom15x_trt.exe) with GTP protocol commands. This shell execution is not mentioned anywhere in SKILL.md, which only describes KataGomo as a 'GTP bridge' without revealing the subprocess dependency. `proc = subprocess.Popen([engine, 'gtp', '-config', config, '-model', model, ...], stdin=fin, stdout=subprocess.PIPE, ...)` → Declare subprocess usage in SKILL.md capabilities section. Note that this requires a local KataGomo engine installation.	`katagomo_simple.py:87`
中危	Undeclared outbound network requests 文档欺骗 SKILL.md declares no network permissions, yet both instreet_gomoku.py and gomoku_bot.py make HTTPS requests to instreet.coze.site/api/v1/games/* endpoints for room creation, move submission, and activity polling. This is shadow network behavior. `BASE_URL = 'https://instreet.coze.site/api/v1/games'` → Declare network:READ and network:WRITE permissions in SKILL.md with the specific domain allowlisted.	`gomoku_bot.py:32`
中危	Hardcoded Windows-specific engine path 供应链 katagomo_simple.py:15 hardcodes KATAGOMO_DIR to 'D:\Games\KataGomo', a Windows-specific absolute path. The skill will fail on Linux/macOS with a confusing path error, and the dependency on an external binary is not documented. `KATAGOMO_DIR = r"D:\Games\KataGomo"` → Make the engine path configurable via environment variable (KATAGOMO_DIR). Document the external dependency clearly in SKILL.md.	`katagomo_simple.py:15`
低危	API key exposed in SKILL.md notes section 敏感访问 SKILL.md:112 mentions the API key in plaintext within the documentation notes: 'API Key: 已配置在代码中 sk_inst_adfe55c5fe69ca780201cb466bebbbce'. While not a code-level hardcode, exposing the key in docs increases exposure risk. `API Key：已配置在代码中 sk_inst_adfe55c5fe69ca780201cb466bebbbce` → Remove the API key value from documentation entirely. Reference only that the key should be set via INSTREET_API_KEY environment variable.	`SKILL.md:112`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file write operations found; temp file ops are in subprocess working dir only
网络访问	`NONE`	`READ`	✗ 越权	instreet_gomoku.py:13-14, gomoku_bot.py:32-33 make urllib requests to instreet.c…
命令执行	`NONE`	`WRITE`	✗ 越权	katagomo_simple.py:87 subprocess.Popen executes external binary; gomoku_bot.py h…
环境变量	`NONE`	`READ`	✓ 一致	gomoku_bot.py:13 reads INSTREET_API_KEY from os.environ (falls back to hardcoded…
技能调用	`NONE`	`NONE`	—	No skill_invoke usage
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser usage
数据库	`NONE`	`NONE`	—	No database access

1 高危 3 项发现

🔑

高危 API 密钥疑似硬编码凭证

API_KEY = 'sk_inst_adfe55c5fe69ca780201cb466bebbbce'

instreet_gomoku.py:12

🔗

中危外部 URL 外部 URL

https://instreet.coze.site/api/v1/games

gomoku_bot.py:32

🔗

中危外部 URL 外部 URL

https://instreet.coze.site/games/

gomoku_bot.py:359

目录结构

6 文件 · 58.1 KB · 1744 行

Python 3f · 1523L Markdown 3f · 221L

├─ 🐍 gomoku_bot.py Python 400L · 12.7 KB

├─ 🐍 instreet_gomoku.py Python 939L · 34.3 KB

├─ 🐍 katagomo_simple.py Python 184L · 6.6 KB

├─ 📝 publish-info.md Markdown 37L · 680 B

├─ 📝 README.md Markdown 68L · 1.2 KB

└─ 📝 SKILL.md Markdown 116L · 2.7 KB

依赖分析 4 项

包名	版本	来源	已知漏洞	备注
`numpy`	`unpinned`	import	否	No requirements.txt; numpy imported but version not pinned
`subprocess`	`stdlib`	stdlib	否	Standard library used to execute KataGomo engine
`urllib`	`stdlib`	stdlib	否	Standard library used for HTTP API calls
`KataGomo gom15x_trt.exe`	`unknown`	external binary	否	External Windows binary referenced by hardcoded path; not included in package

安全亮点

✓ No obfuscation detected (no base64, eval, or anti-analysis techniques)

✓ No credential exfiltration or data theft behavior observed

✓ Network requests target a legitimate game API (instreet.coze.site) and are functionally necessary

✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files

✓ No persistence mechanisms (no cron, startup hooks, or backdoors)

✓ Subprocess usage is for a legitimate game engine (KataGomo GTP), not malicious command execution